Social Security Administration:

Actions Needed to Strengthen Processes for Issuing Social Security Numbers to Children

GAO-05-115: Published: Jan 31, 2005. Publicly Released: Feb 23, 2005.

Additional Materials:

Contact:

Barbara D. Bovbjerg
(202) 512-5491
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

In fiscal year 2004, the Social Security Administration (SSA) issued about 4.2 million original Social Security numbers (SSN) and 2 million SSN replacement cards to U.S.-born children. Despite its narrowly intended purpose, today, young children need a SSN to be claimed on their parent's income tax return or to apply for certain government benefits. Because children's SSNs, like all SSNs, are vulnerable to theft and misuse, the Chairman of the Senate Committee on Finance requested that GAO (1) document SSA's current processes and internal controls for issuing SSNs to U.S.-born children under the age of 18 and (2) identify any weaknesses that may affect SSA's ability to ensure the integrity of the SSN and the efficiency of enumeration processes.

SSA has two processes for issuing SSNs to U.S.-born children--one that allows parents to request SSNs through a hospital during birth registration and one that permits them to apply through SSA field offices--both of which include various internal control mechanisms. Today, SSA issues the majority of SSNs to children through its Enumeration at Birth (EAB) program. Participating hospitals forward the SSN request and other birth registration data to vital statistics agencies, which then send it to SSA. SSA's automated system ensures that the data are complete and mails the SSN to the parent. Parents may also request SSNs through SSA field offices by mail or in person. This process requires parents to present proof of the child's age, identity, and citizenship as well as proof of their own identity. As fraud prevention measures, SSA also interviews children 12 and older and verifies documents with a third party for those over age 1. If a child's SSN card is lost or stolen, parents may also apply for a replacement card. SSA requires proof of identification for both the parent and the child to obtain such cards. Despite SSA's efforts to improve its enumeration processes, weaknesses persist in EAB program oversight and outreach, manual birth verification procedures, and other vulnerabilities that could adversely affect the integrity of SSA's processes. Federal internal control standards state that agencies should assess and mitigate risk to their programs. However, SSA does not conduct comprehensive integrity reviews, or coordinate with external auditing agencies to ensure that vital statistics agencies and hospitals are properly collecting and protecting enumeration data for children. In addition, SSA lacks a nationwide capability to efficiently verify birth certificates for children whose parents apply through SSA field offices, although a prior SSA pilot proved successful in providing such verifications. Further, SSA lacks a policy for securing and tracking birth certificates once manual verifications are complete, making these documents vulnerable to misuse. Finally, SSA's policies for verifying birth certificates of children under age 1 and for issuing replacement SSN cards, which allow for up to 52 cards annually, remain weak and could expose the program to fraud. The Intelligence Reform and Terrorism Prevention Act of 2004 will assist SSA in protecting the integrity of the SSN by requiring the agency to verify birth documents for all SSN applicants, except for EAB purposes, and limit the issuance of SSN replacement cards.

Matter for Congressional Consideration

  1. Status: Closed - Implemented

    Comments: The Intelligence Reform and Terrorism Prevention Act of 2004 strengthened controls over birth certificates and set minimum standards for the states to certify to the Secretary of Health and Human Services (HHS) that birth certificates must meet to be accepted for any official purpose by a federal agency. Under the Act, the Secretaries of HHS and the Department of Homeland Security (DHS) and the Commissioner of Social Security may prescribe regulations for certifications. Minimum standards were required to be in place by December 17, 2005. The Secretary of HHS and the Commissioner of Social Security and other appropriate federal agencies shall award grants to states to assist states in computerizing their birth and death records, developing the capability to match birth and death records within each state and among states, and to note the fact of death on the birth certificates of deceased persons. Congress is further considering legislation that would require the Commissioner of Social Security to independently verify birth records provided by the applicant in support of the application from the agency that issued the record. On May 2, 2007, Senate Bill S. 1269, was introduced, which also requires the establishment of electronic birth and death registrations to ensure that systems for issuing birth certificates employ a common format for the printing of a certified copy so that an authorized person may quickly confirm its validity. The legislation would require that authorized federal and state agency users have a single interface to generate an electronic query to any vital records jurisdiction in the country to verify the contents of a paper birth certificate, so that each participating jurisdiction can provide an electronic response as to whether the information in the birth record is accurate and whether the individual in question is deceased. The legislation was referred to the Committee on the Judiciary for further action. DHS and SSA continue work to improve the interface between birth and death records to minimize occurrences of fraud.

    Matter: In light of the key role certified birth certificates play in SSA's enumeration processes and the potential for identity thieves to use fraudulent birth documents to obtain SSNs, the Congress may wish to consider authorizing the development of a cost-effective nationwide system to electronically verify these documents.

Recommendations for Executive Action

  1. Status: Closed - Implemented

    Comments: SSA agreed and stated that it fully support outreach efforts to hospitals to ensure that parents receive accurate and complete information about the Enumeration at Birth (EAB) process. SSA stated that its field offices are supplied with outreach materials that are to be given to parents of newborns via the hospital, and the hospitals are provided information explaining the timeframes for processing SSNs but it remains the hospitals' responsibility to provide this information to the parents. In SSA's response to the SSA Inspector General's April 2006 report following up on the Enumeration at Birth Program, SSA commented that the agency provides a "Frequently Asked Question (FAQ)" list on the SSA Internet site that is available to the public that shows, by state, the average processing time in response to a question about the length of time to get a Social Security Card for a newborn. In the April 2009 follow up, SSA reported that it had provided speakers to the South Carolina Birth Clerks Conference to discuss the enumeration at birth process. According to SSA, the agency received four different requests to speak to birth registration clerks from hospitals in South Carolina in order to satisfy an increase in patients' questions about the issuance of Social Security cards for children born in their hospitals.

    Recommendation: To strengthen the integrity of SSNs issued to children, the Commissioner of Social Security should provide additional education and outreach to hospitals to ensure they provide consistent information to parents to decide which process best meets their needs and to minimize second-time requests that might cause the issuance of multiple SSNs.

    Agency Affected: Social Security Administration

  2. Status: Closed - Not Implemented

    Comments: SSA agreed that coordination and sharing of information is important and notes that it will encourage state auditing agencies to share report results so that SSA can monitor the findings and recommendations to mitigate risks to the enumeration process. Followup with SSA in June 2007 did not result in any new indications of coordinated efforts between SSA and states of states' audit report results. Additional followup with SSA officials in April 2009 indicated that SSA had not taken any additional steps to coordinate with external audit agencies such as state or local auditors.

    Recommendation: To strengthen the integrity of SSNs issued to children, the Commissioner of Social Security should establish a mechanism to better coordinate with external audit agencies that periodically conduct reviews of states' birth registration and certification processes. Monitor the findings and recommendations of such reviews to mitigate risks to SSA's enumeration processes.

    Agency Affected: Social Security Administration

  3. Status: Closed - Implemented

    Comments: SSA initially disagreed with the recommendation, stating that it is not within the agency's purview to ensure the reliability of State agency or hospital enumeration data. Because the Enumeration at Birth (EAB) process is voluntary, SSA states that it cannot compel participation or become involved in the state agencies or reporting institutions' internal control mechanisms. However, SSA reports that it will operate within its internal control mechanisms to ensure timeliness and accuracy of information transmitted in the EAB process. SSA reported that beginning January 1, 2008, the agency began denying payment for records that did not meet specific time line criteria within a 3-month period of the date due. Additionally, SSA has stopped paying for records assigned through field offices processes after parents filed through the enumeration at birth process. According to SSA, these two changes require that states file births more timely in order to to receive payment for all records. Such changes serves to enhance SSA's internal controls and results in strengthening the integrity of SSNs issued to children.

    Recommendation: To strengthen the integrity of SSNs issued to children, the Commissioner of Social Security should explore options for improving internal control mechanisms to ensure the reliability of enumeration data from vital statistics agencies and hospitals. This could include conducting periodic integrity reviews of vital statistics agencies and requiring these agencies to perform periodic audits of hospitals and birthing centers.

    Agency Affected: Social Security Administration

  4. Status: Closed - Implemented

    Comments: SSA agreed with this recommendation and issued policies that establish procedures for handling, securing, and tracking birth certificates that it obtains for verification purposes. These policies were issued in its Program and Operations Manual System (POMS) in April 2006, providing instructions for securing and handling birth certificates after they are used to process Social Security number applications. According to SSA, the policy differs whether the document is verified or not verified with the issuing agency. SSA noted that the policy requires that documents be shredded if verified with the issuing agency. If the document cannot be verified, it is considered fraudulent and is placed in a locked file to await disposition instructions from the SSA Office of the Inspector General.

    Recommendation: To strengthen the integrity of SSNs issued to children, the Commissioner of Social Security should establish procedures for handling, securing, and tracking birth certificates obtained for verification purposes to fully protect against potential fraud and abuse.

    Agency Affected: Social Security Administration

 

Explore the full database of GAO's Open Recommendations »

Nov 18, 2014

Nov 13, 2014

Oct 10, 2014

Sep 30, 2014

Sep 22, 2014

Jul 9, 2014

May 14, 2014

Apr 30, 2014

Mar 26, 2014

Looking for more? Browse all our products here